PyDFIR / pyDFIRRam
PyDFIRRam is a Python library leveraging Volatility 3 to simplify and enhance memory forensics. It streamlines the research, parsing, and analysis of memory dumps, allowing users to focus on data rather than commands.
☆25 · Updated 7 months ago
Alternatives and similar repositories for pyDFIRRam:
Users who are interested in pyDFIRRam are comparing it to the libraries listed below.
- Powershell Linter ☆50 · Updated 2 weeks ago
- This repository is meant to catalog network and host artifacts associated with various EDR products' "shell" and response functionalities. ☆78 · Updated 7 months ago
- ☆23 · Updated 2 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr… ☆102 · Updated last month
- DFIR ORC PARSER PROJECT ☆25 · Updated last month
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them. ☆33 · Updated 4 months ago
- Shellcode loader based on indirect syscall ☆22 · Updated 2 months ago
- VM Lab for security ☆9 · Updated last year
- linikatz is a tool to attack AD on UNIX. ☆145 · Updated last year
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city. ☆147 · Updated 2 months ago
- ☆20 · Updated last year
- Ansible + Vagrant + Hyper-V + Vulnerable AD 😎 ☆91 · Updated 8 months ago
- ☆139 · Updated 8 months ago
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender, isolating malicious content. ☆15 · Updated 3 months ago
- C++ Reflective Assembly Loader ☆24 · Updated last month
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆147 · Updated 6 months ago
- ☆55 · Updated 6 months ago
- The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file. ☆130 · Updated 5 months ago
- Memory mapping profiles for forensic analysis using Volatility 2 ☆47 · Updated 2 years ago
- Dissecting and Defeating Ransomware's Evasion Tactics, Defcon 32 ☆11 · Updated 8 months ago
- ☆93 · Updated 2 weeks ago
- Source for kiosk.vsim.xyz -- tooling for browser-based, Kiosk mode testing. ☆26 · Updated 10 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that were used by adversaries in their intrusions. T… ☆123 · Updated 2 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files ☆124 · Updated 10 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans, and so on ☆81 · Updated 11 months ago
- CaptainCredz is a modular and discreet password-spraying tool. ☆107 · Updated 2 weeks ago
- Configuration Extractors for Malware ☆96 · Updated last week
- Ludus is a system to build easy-to-use cyber environments, or "ranges", for testing and development. ☆34 · Updated last year
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… ☆32 · Updated 8 months ago
- A collection of tools that I use in CTFs or for assessments ☆95 · Updated 2 months ago